News

Major security flaw discovered in Thunderbolt-equipped devices

Security Researcher Björn Ruytenberg at Eindhoven University of Technology has exposed a massive hole in the security of all devices that come with a Thunderbolt port. He revealed that using a relatively simple technique dubbed ‘Thunderspy,’ attackers can retrieve data from these computers within five minutes.

What made Thunderbolt such a massive hit within the computer hardware community is the transfer speed it offers its users. These ports can essentially give devices direct access to a computer’s memory, which makes these extremely fast, when compared to the standard Universal Serial Buses. This direct access to memory also makes the computer vulnerable to many potential security breaches. These security breaches, named Thunderclap, were first thought of as avoidable; researchers suggested simply disabling the Thunderbolt, allowing access only to the DisplayPort or the USB-C devices that plug in.

Ruytenberg has since revealed that even with the Thunderbolt disabled, hackers and attackers can gain access to your data by simply having physical access to your device, a screwdriver, and some “easily portable hardware.” Also, the breach itself does not leave any trace, meaning the user would never know that an attack had ever taken place.

Ruytenberg developed a concept he named, “The evil maid attack.” He said, in his statement, that all the attacker (who, in this case is being referred to as the ‘evil maid’) has to do is, “unscrew the backplate, attach a device momentarily, reprogram the firmware, reattach the backplate, and the evil maid gets full access.” He mentioned that all of this could be done in under five minutes.

This whole attack, Ruytenberg said, could cost the attackers as low as $400. Intel recently announced a Thunderbolt security system, the Kernel Direct Memory Access Protection. The protection it offers, however, is only for devices manufactured in 2019 or later, so devices manufactured and sold before that remain unprotected. There are also a list of HP, Dell, and Lenovo devices manufactured in 2019 or later that the system does not work on.

Apple devices equipped with Thunderbolt do, however, remain unaffected unless they are running Boot Camp.

To protect yourself against the attacks, Ruytenberg suggested that users should ensure the physical safety of their devices and avoid leaving their systems unattended in public areas, “while powered on, even if screenlocked.”

Sponsored
Hamnah Khalid

Share
Published by
Hamnah Khalid
Tags: Security

Recent Posts

PSX Hits New Heights, Surges by 1,800 Points to Cross 97,000

On Thursday, the Pakistan Stock Exchange (PSX) 100 Index surged by 1,781.94 points, or 1.86%,…

32 mins ago

Pakistan’s IT Minister Defends Internet Restrictions: Here’s All We Know!

Shaza Fatima Khawaja, Minister of State for IT and Telecom, made it clear on Thursday…

2 hours ago

PayPal Resolves Global Outage Impacting Thousands

PayPal, the global payment processing company, announced on Friday that it had successfully resolved a…

2 hours ago

7,300 Teaching Interns Hired Across Punjab

LAHORE: Punjab government colleges have completed the recruitment of 7,354 teaching interns. The Higher Education…

3 hours ago

Pakistani Engineers To Get Free AI Training from PEC

The Pakistan Engineering Council (PEC) is launching a free six-week online training program on Generative…

3 hours ago

VPN Ban Could Cost Pakistan’s IT Industry $1 Billion, Warns P@SHA

The Pakistan Software Houses Association (P@SHA) has raised alarms about the severe impact of the…

16 hours ago